SandboxAQ used the opening day of RSAC 2026 to broaden what it calls AI security posture management for enterprises, announcing new AQtive Guard capabilities aimed at finding and controlling AI systems that security teams often do not know are running.

In a March 23 press release, the company said the release expands AQtive Guard discovery and monitoring across AI models, AI agents, Model Context Protocol (MCP) servers and third-party AI services used in applications and by employees. It framed the update around two common scenarios: product teams embedding AI into applications and organizations rolling out AI tools for workforce productivity.

The release centers on new guardrails intended to enforce policies on both inbound prompts and outbound responses at runtime. SandboxAQ said the goal is to reduce prompt-injection exposure and prevent unauthorized data leakage through AI-enabled apps.

The company also added MCP risk analysis, which it described as using an autonomous security agent to evaluate the risk of MCP servers, and posture reporting features designed to support governance and regulatory requirements, including alignment with frameworks such as the EU AI Act.

AQtive Guard is also adding cloud scanning intended to detect AI models and agents deployed across cloud environments to help surface what the company called shadow AI usage.

"AI is becoming embedded in critical enterprise workflows and infrastructure," said Marc Manzano, general manager at SandboxAQ. "Without proper oversight, organizations risk data leakage, prompt injection attacks, or autonomous agents taking actions across enterprise systems without security teams realizing it."

SandboxAQ said the new capabilities are available to select customers now, with broader availability planned for later in 2026. The company plans to demonstrate the update at RSAC 2026 in San Francisco.